Document format: text/plain

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 16-05-2015 02
Ran by Administrador at 2015-05-16 14:38:16
Running from C:\Documents and Settings\Administrador\Meus documentos\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-484763869-1383384898-1177238915-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrador
ASPNET (S-1-5-21-484763869-1383384898-1177238915-1005 - Limited - Enabled)
Convidado (S-1-5-21-484763869-1383384898-1177238915-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-484763869-1383384898-1177238915-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-484763869-1383384898-1177238915-1002 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: Microsoft Security Essentials (Enabled - Up to date) {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: avast! Antivirus (Enabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Atualização de Segurança para o Windows Media Player 11 (KB954154) (HKLM\...\KB954154_WM11) (Version: - Microsoft Corporation)
Atualização de Segurança para Windows XP (KB923561) (HKLM\...\KB923561) (Version: 1 - Microsoft Corporation)
Atualização de Segurança para Windows XP (KB941569) (HKLM\...\KB941569) (Version: - Microsoft Corporation)
Atualização de Segurança para Windows XP (KB950760) (HKLM\...\KB950760) (Version: 1 - Microsoft Corporation)
Atualização de Segurança para Windows XP (KB960715) (HKLM\...\KB960715) (Version: 1 - Microsoft Corporation)
Atualização para o Windows XP (KB943729) (HKLM\...\KB943729) (Version: - Microsoft Corporation)
Atualização para Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Avira (HKLM\...\{2d044ded-ae1b-40d3-8d18-97cfda75bd69}) (Version: 1.1.37.14600 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.1.37.14600 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.9.504 - Avira Operations GmbH & Co. KG)
Google Chrome (HKU\S-1-5-21-484763869-1383384898-1177238915-500\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Hotfix para o Windows Media Player 11 (KB939683) (HKLM\...\KB939683) (Version: - Microsoft Corporation)
Hotfix para Windows XP (KB942288-v3) (HKLM\...\KB942288-v3) (Version: 3 - Microsoft Corporation)
Malwarebytes Anti-Malware versão 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 2.1.1116.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WinUsb 1.0 (HKLM\...\winusb0100) (Version: - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 pt-BR) (HKLM\...\Mozilla Firefox 34.0.5 (x86 pt-BR)) (Version: 34.0.5 - Mozilla)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
ZHPDiag 2015 (HKLM\...\ZHPDiag_is1) (Version: 2015 - Nicolas Coolman)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{04A1E553-FE36-4FDE-865E-344194E69424}\InprocServer32 -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Ink\inkobj.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0013}\InprocServer32 -> C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\GAS Tecnologia\GBBD\npsf_uni.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0013}\InprocServer32 -> C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\GAS Tecnologia\GBBD\npsf_uni.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{13DE4A42-8D21-4C8E-BF9C-8F69CB068FCA}\InprocServer32 -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Ink\inkobj.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{242025BB-8546-48B6-B9B0-F4406C54ACFC}\InprocServer32 -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Ink\inkobj.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{3336B8BF-45AF-429F-85CB-8C435FBF21E4}\InprocServer32 -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Ink\inkobj.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{3EE60F5C-9BAD-4CD8-8E21-AD2D001D06EB}\InprocServer32 -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Ink\inkobj.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{43B07326-AAE0-4B62-A83D-5FD768B7353C}\InprocServer32 -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Ink\inkobj.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{43FB1553-AD74-4EE8-88E4-3E6DAAC915DB}\InprocServer32 -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Ink\inkobj.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{524B13ED-2E57-40B8-B801-5FA35122EB5C}\InprocServer32 -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Ink\inkobj.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{5436C6D3-44DE-49f6-9167-CC17A3D88411}\InprocServer32 -> 0xB0B0B0B08AB0B0B0B0B0B0B0B0B4C6C6B0B9B6C5B18A No File
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\42.0.2311.135\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{632A2D3D-86AF-411A-8654-7511B51B3D5F}\InprocServer32 -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Ink\inkobj.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{65D00646-CDE3-4A88-9163-6769F0F1A97D}\InprocServer32 -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Ink\inkobj.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{6E4FCB12-510A-4D40-9304-1DA10AE9147C}\InprocServer32 -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Ink\inkobj.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{786CDB70-1628-44A0-853C-5D340A499137}\InprocServer32 -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Ink\inkobj.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{836FA1B6-1190-4005-B434-7ED921BE2026}\InprocServer32 -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Ink\inkobj.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{8770D941-A63A-4671-A375-2855A18EBA73}\InprocServer32 -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Ink\inkobj.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{8854F6A0-4683-4AE7-9191-752FE64612C3}\InprocServer32 -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Ink\InkDiv.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{937C1A34-151D-4610-9CA6-A8CC9BDB5D83}\InprocServer32 -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Ink\inkobj.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{9C1CC6E4-D7EB-4EEB-9091-15A7C8791ED9}\InprocServer32 -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Ink\inkobj.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{9DE85094-F71F-44F1-8471-15A2FA76FCF3}\InprocServer32 -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Ink\inkobj.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{9FD4E808-F6E6-4E65-98D3-AA39054C1255}\InprocServer32 -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Ink\inkobj.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{A5558507-9B96-46BA-94ED-982E684A9A6B}\InprocServer32 -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Ink\tpcps.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{A5B020FD-E04B-4E67-B65A-E7DEED25B2CF}\localserver32 -> C:\WINDOWS\system32\wisptis.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{AAC46A37-9229-4FC0-8CCE-4497569BF4D1}\InprocServer32 -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Ink\inkobj.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{B2EDD302-E9B3-4c3c-A5B9-759476E7BDD3}\InprocServer32 -> 0xB0B0B0C18AB0B0B0B0B0B0B0B0B4C6B5B7B7B8C1B18A No File
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{C52FF1FD-EB6C-42CF-9140-83DEFECA7E29}\InprocServer32 -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Ink\inkobj.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{D8BF32A2-05A5-44C3-B3AA-5E80AC7D2576}\InprocServer32 -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Ink\inkobj.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{DE815B00-9460-4F6E-9471-892ED2275EA5}\InprocServer32 -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Ink\inkobj.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{E3D5D93C-1663-4A78-A1A7-22375DFEBAEE}\InprocServer32 -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Ink\inkobj.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{E5CA59F5-57C4-4DD8-9BD6-1DEEEDD27AF4}\InprocServer32 -> C:\WINDOWS\system32\inked.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{E9A6AB1B-0C9C-44AC-966E-560C2771D1E8}\InprocServer32 -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Ink\inkobj.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{EFB4A0CB-A01F-451C-B6B7-56F02F77D76F}\InprocServer32 -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Ink\inkobj.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-484763869-1383384898-1177238915-500_Classes\CLSID\{F0291081-E87C-4E07-97DA-A0A03761E586}\InprocServer32 -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Ink\inkobj.dll (Microsoft Corporation)

==================== Restore Points =========================

01-04-2015 01:20:41 Ponto de verificação do sistema
01-04-2015 12:16:44 Software Distribution Service 3.0
02-04-2015 13:28:14 Software Distribution Service 3.0
03-04-2015 17:41:07 Software Distribution Service 3.0
04-04-2015 21:03:43 Ponto de verificação do sistema
05-04-2015 21:27:30 Software Distribution Service 3.0
07-04-2015 11:19:13 Software Distribution Service 3.0
08-04-2015 12:41:05 Software Distribution Service 3.0
09-04-2015 14:44:47 Ponto de verificação do sistema
13-04-2015 16:13:45 Software Distribution Service 3.0
14-04-2015 17:27:35 Ponto de verificação do sistema
15-04-2015 13:04:21 Software Distribution Service 3.0
16-04-2015 14:40:31 Software Distribution Service 3.0
18-04-2015 16:58:32 Software Distribution Service 3.0
21-04-2015 17:27:36 Software Distribution Service 3.0
22-04-2015 17:50:21 Ponto de verificação do sistema
23-04-2015 13:11:15 Software Distribution Service 3.0
26-04-2015 21:18:07 Software Distribution Service 3.0
28-04-2015 20:41:55 Software Distribution Service 3.0
01-05-2015 19:18:37 Software Distribution Service 3.0
02-05-2015 23:27:29 Software Distribution Service 3.0
04-05-2015 10:22:21 Software Distribution Service 3.0
05-05-2015 12:09:03 Software Distribution Service 3.0
06-05-2015 15:02:01 Software Distribution Service 3.0
09-05-2015 16:51:45 Software Distribution Service 3.0
10-05-2015 02:23:07 Software Distribution Service 3.0
10-05-2015 20:51:06 Removed Windows Live Upload Tool
11-05-2015 22:02:02 Software Distribution Service 3.0
12-05-2015 22:30:18 zoek.exe restore point
12-05-2015 22:49:40 Software Distribution Service 3.0
12-05-2015 23:49:33 zoek.exe restore point
14-05-2015 14:45:34 Software Distribution Service 3.0
14-05-2015 18:21:02 ZHPFix Restore System Point
14-05-2015 18:26:43 ZHPFix Restore System Point
15-05-2015 17:07:41 Removed Motorola Device Software Update
15-05-2015 17:08:02 Removed Motorola Mobile Drivers Installation 5.9.0
15-05-2015 17:16:25 ZHPFix Restore System Point
15-05-2015 17:20:47 Software Distribution Service 3.0

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-2013LL-Administrador.job => C:\Arquivos de programas\Arquivos comuns\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe-mode=scheduled.Adm
Task: C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-PC-Administrador.job => C:\Arquivos de programas\Arquivos comuns\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe-mode=scheduled.Adm
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Arquivos de programas\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\MP Scheduled Scan.job => C:\Arquivos de programas\Microsoft Security Client\Antimalware\MpCmdRun.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{D3D56E0F-81F0-48D3-B4CB-3BFBD16CD32D}.job => C:\WINDOWS\system32\msfeedssync.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{E46DE979-9AF3-426C-8192-000662D0FD6B}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Loaded Modules (Whitelisted) ==============

2014-09-20 13:23 - 2014-09-20 13:23 - 00301152 _____ () C:\Arquivos de programas\AVAST Software\Avast\aswProperty.dll
2015-05-15 15:49 - 2015-05-15 15:49 - 02929664 _____ () C:\Arquivos de programas\AVAST Software\Avast\defs\15051501\algo.dll
2015-05-16 14:27 - 2015-05-16 14:27 - 02929664 _____ () C:\Arquivos de programas\AVAST Software\Avast\defs\15051600\algo.dll
2013-10-31 12:05 - 2013-10-31 12:05 - 00172032 _____ () C:\Arquivos de programas\Motorola Mobility\Motorola Device Manager\css_core.dll
2014-09-20 13:23 - 2014-09-20 13:23 - 19329904 _____ () C:\Arquivos de programas\AVAST Software\Avast\libcef.dll
2008-04-13 18:20 - 2008-04-13 18:20 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2014-04-11 11:59 - 2014-02-10 12:44 - 04592128 _____ () C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-04-11 11:59 - 2014-02-10 12:44 - 00112128 _____ () C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2015-04-29 17:39 - 2015-04-27 23:07 - 14980424 _____ () C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\WINDOWS\system32:F7C6FF0C_Uni.gbp
AlternateDataStreams: C:\WINDOWS\system32\drivers:GbpKmAp.lst
AlternateDataStreams: C:\WINDOWS\system32\drivers:IncompleteBoot.cnt

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-484763869-1383384898-1177238915-500\...\itau.com.br -> bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-484763869-1383384898-1177238915-500\...\itau.com.br -> hxxps://bankline.itau.com.br


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-484763869-1383384898-1177238915-500\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Arquivos de programas\Arquivos comuns\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Arquivos de programas\Arquivos comuns\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Alcmtr => ALCMTR.EXE
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: Diebold - Warsaw => C:\Arquivos de programas\Diebold\Warsaw\core.exe
MSCONFIG\startupreg: Google Update => "C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GrooveMonitor => "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HotKeysCmds => C:\WINDOWS\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\WINDOWS\system32\igfxtray.exe
MSCONFIG\startupreg: MSC => "C:\Arquivos de programas\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: NeroFilterCheck => C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: Persistence => C:\WINDOWS\system32\igfxpers.exe
MSCONFIG\startupreg: RTHDCPL => RTHDCPL.EXE
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Arquivos de programas\Arquivos comuns\Adobe\SwitchBoard\SwitchBoard.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

StandardProfile\AuthorizedApplications: [C:\Arquivos de programas\Microsoft Office\Office12\OUTLOOK.EXE] => Enabled:Microsoft Office Outlook
StandardProfile\AuthorizedApplications: [C:\Arquivos de programas\Microsoft Office\Office12\GROOVE.EXE] => Enabled:Microsoft Office Groove
StandardProfile\AuthorizedApplications: [C:\Arquivos de programas\Microsoft Office\Office12\ONENOTE.EXE] => Enabled:Microsoft Office OneNote
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Facebook\Video\Skype\FacebookVideoCalling.exe] => Enabled:Facebook Video Calling Plugin
StandardProfile\AuthorizedApplications: [C:\Arquivos de programas\Diebold\Warsaw\core.exe] => Enabled:Warsaw
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\muzapp.exe] => Enabled:MUZ AOD APP player
StandardProfile\AuthorizedApplications: [C:\Arquivos de programas\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exe] => Enabled:MotoCast-thumbnailer
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22008

==================== Faulty Device Manager Devices =============

Name: Modem PCI
Description: Modem PCI
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/16/2015 02:26:17 PM) (Source: ESENT) (EventID: 490) (User: )
Description: svchost (1512) Falha na tentativa de abrir o arquivo "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" para acesso de leitura/gravação, com erro de sistema 32 (0x00000020): "O arquivo já está sendo usado por outro processo. ". A operação de abertura de arquivo falhará com o erro -1032 (0xfffffbf8).

Error: (05/16/2015 02:26:15 PM) (Source: ESENT) (EventID: 490) (User: )
Description: svchost (1512) Falha na tentativa de abrir o arquivo "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" para acesso de leitura/gravação, com erro de sistema 32 (0x00000020): "O arquivo já está sendo usado por outro processo. ". A operação de abertura de arquivo falhará com o erro -1032 (0xfffffbf8).

Error: (05/14/2015 03:17:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Aplicativo com falha schtasks.exe, versão 5.1.2600.5512, módulo com falha schtasks.exe, versão 5.1.2600.5512, endereço com falha 0x00009b11.
Processando evento específico de mídia para [schtasks.exe!ws!]

Error: (05/14/2015 03:16:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Aplicativo com falha chrome.exe, versão 42.0.2311.135, módulo com falha chrome.dll, versão 42.0.2311.135, endereço com falha 0x0046f62a.
Processando evento específico de mídia para [chrome.exe!ws!]

Error: (05/14/2015 02:20:51 AM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: EventType mptelemetry, P1 8024402f, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (05/13/2015 07:06:04 PM) (Source: $(ProductName) Service Host) (EventID: 0) (User: )
Description: Failed to process session change. System.ComponentModel.Win32Exception (0x80004005): Key (Users\S-1-5-21-484763869-1383384898-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall) could not be opened Error: 87, Hive: Users, Key: S-1-5-21-484763869-1383384898-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
at Avira.OE.WinCore.Utility.RegistryValueWatcher.CheckResultAndThrowWin32Exception(Int32 result, String message)
at Avira.OE.WinCore.Utility.RegistryValueWatcher.OpenRegKey()
at Avira.OE.WinCore.Utility.RegistryValueWatcher.Start()
at Avira.OE.ServiceHost.AppInfoRepositoryFactory.CreateRegistryAppInfoRepository(RegistryHive registryHive, String registryPath, RegistryView registryView)
at Avira.OE.ServiceHost.DesktopApplications.UpdateUserAppInfoRepository(String userSid)
at Avira.OE.ServiceHost.DesktopApplications.UpdateOnNewUserSid(String userSid)
at Avira.OE.ServiceHost.DesktopApplications.OnSessionChange(Int32 sessionId, SessionChangeReason reason)
at Avira.OE.ServiceHost...

Error: (05/12/2015 10:37:19 PM) (Source: WmiAdapter) (EventID: 4099) (User: BUILTIN)
Description: Falha na abertura do serviço.

Error: (05/12/2015 09:02:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Aplicativo com falha chrome.exe, versão 42.0.2311.135, módulo com falha chrome.dll, versão 42.0.2311.135, endereço com falha 0x0046f62a.
Processando evento específico de mídia para [chrome.exe!ws!]

Error: (05/12/2015 05:42:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Aplicativo com falha chrome.exe, versão 42.0.2311.135, módulo com falha chrome.dll, versão 42.0.2311.135, endereço com falha 0x0046f62a.
Processando evento específico de mídia para [chrome.exe!ws!]

Error: (05/11/2015 10:47:05 PM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P2 3.0.8402.0, P3 timeout, P4 1.1.11602.0, P5 fixed, P6 1 _ 2049+, P7 5 _ not boot, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.


System errors:
=============
Error: (05/16/2015 02:25:09 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite (30000 milissegundos) de espera para que o serviço Avira Service Host se conecte.

Error: (05/16/2015 02:25:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço LogMeIn Kernel Information Provider devido ao seguinte erro:
%%3

Error: (05/16/2015 02:23:25 PM) (Source: Dhcp) (EventID: 1000) (User: )
Description: O computador perdeu a concessão para o endereço IP 192.168.2.103 na placa de rede
com o endereço de rede 0019DBFAE058.

Error: (05/16/2015 02:23:24 PM) (Source: 0) (EventID: 1) (User: )
Description: 0xC0000001HarddiskVolume1

Error: (05/16/2015 01:39:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço LogMeIn Kernel Information Provider devido ao seguinte erro:
%%3

Error: (05/16/2015 01:38:14 AM) (Source: 0) (EventID: 1) (User: )
Description: 0xC0000001HarddiskVolume1

Error: (05/15/2015 05:10:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço LogMeIn Kernel Information Provider devido ao seguinte erro:
%%3

Error: (05/15/2015 05:09:25 PM) (Source: 0) (EventID: 1) (User: )
Description: 0xC0000001HarddiskVolume1

Error: (05/15/2015 05:09:07 PM) (Source: Dhcp) (EventID: 1000) (User: )
Description: O computador perdeu a concessão para o endereço IP 192.168.2.103 na placa de rede
com o endereço de rede 0019DBFAE058.

Error: (05/15/2015 11:38:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço LogMeIn Kernel Information Provider devido ao seguinte erro:
%%3


Microsoft Office Sessions:
=========================
Error: (01/29/2013 10:26:15 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 20152 seconds with 0 seconds of active time. This session ended with a crash.


==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU 430 @ 1.80GHz
Percentage of memory in use: 51%
Total physical RAM: 2551.3 MB
Available physical RAM: 1224.84 MB
Total Pagefile: 3150.69 MB
Available Pagefile: 1816.8 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.25 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:34.18 GB) (Free:11.5 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:40.35 GB) (Free:25.76 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 74.5 GB) (Disk ID: 30CB2B7F)
Partition 1: (Active) - (Size=34.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=40.3 GB) - (Type=OF Extended)

==================== End Of Log ============================
